<?php
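/*
 * Vaccine registry HTTP endpoint. The "request" query parameter selects the
 * operation; every other input is also read from the query string.
 *
 * NOTE(security): nothing in this script authenticates the caller, and the
 * write operations (add, vac, vacLocal, edit) are reachable with a plain GET.
 * Access control has to be added before this endpoint is exposed.
 */

/**
 * Read one query-string parameter as a string.
 *
 * Missing parameters and array-valued ones (?pid[]=x) are returned as "",
 * so callers never see null or an array.
 *
 * @param string $name Query-string key.
 * @return string
 */
function request_param($name)
{
    return (isset($_GET[$name]) && is_string($_GET[$name])) ? $_GET[$name] : "";
}

/**
 * Prepare and execute one statement with bound values.
 *
 * Request data is only ever passed in $params, never concatenated into $sql,
 * so it cannot change the structure of the statement.
 *
 * @param PDO    $db
 * @param string $sql    Statement text with "?" placeholders.
 * @param array  $params Values bound to the placeholders, in order.
 * @return PDOStatement|false False when the statement failed; the driver
 *                            message goes to the server log only.
 */
function run_statement($db, $sql, $params)
{
    try {
        $stmt = $db->prepare($sql);
        $stmt->execute($params);
        return $stmt;
    } catch (PDOException $e) {
        error_log("vaccine registry: query failed: " . $e->getMessage());
        return false;
    }
}

/**
 * Print a result set as JSON, or stop with a generic error.
 *
 * An empty result is printed as JSON null, which is what the endpoint has
 * always returned when no rows match.
 *
 * @param PDOStatement|false $stmt Result of run_statement().
 * @return void
 */
function emit_rows($stmt)
{
    if (!$stmt) {
        // Driver error text stays in the log; it can reveal schema details.
        die("Invalid query");
    }
    $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
    header('Content-Type: application/json');
    print(json_encode($rows ? $rows : null));
}

// Several branches echo request values back. Declaring the body as plain text
// keeps a browser from interpreting echoed input as markup.
header('Content-Type: text/plain');
header('X-Content-Type-Options: nosniff');

$type = request_param("request");

// NOTE(security): the database host, account and password are committed in
// this file. Rotate the password and load the credentials from configuration
// kept outside the web root and outside version control.
try {
    $db = new PDO(
        "mysql:host=cubist.cs.washington.edu;dbname=bje575_VaccineRegistry",
        "bje575",
        "KumMz43y",
        array(
            PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
            // Real server-side prepared statements rather than client-side quoting.
            PDO::ATTR_EMULATE_PREPARES => false,
            // Keep every column a string in the JSON output, as mysql_fetch_assoc did.
            PDO::ATTR_STRINGIFY_FETCHES => true,
        )
    );
} catch (PDOException $e) {
    // Caught deliberately: an uncaught PDOException trace can include the
    // constructor arguments, i.e. the credentials above.
    error_log("vaccine registry: database connection failed: " . $e->getMessage());
    die("Could not connect");
}

// NOTE(security): debug leftover. Request bodies (potentially patient data)
// are written to a fixed, predictable path in a shared temp directory with
// default permissions. Remove it, or move it to a private directory, once it
// is no longer needed.
file_put_contents('/tmp/postdata.txt', var_export($_POST, true));

switch ($type) {
    case "get":
        emit_rows(run_statement($db, "select * from Patients order by lname", array()));
        break;

    case "add":
        $pid = request_param("pid");
        $lname = request_param("lname");
        $fname = request_param("fname");
        $dob = request_param("dob");
        $loc = request_param("loc");
        $fathname = request_param("fathname");
        $mothname = request_param("mothname");

        echo($pid);
        echo($lname);
        echo($fname);
        echo($dob);

        // NOTE(review): 'PST' is an abbreviation, not a region identifier;
        // confirm whether daylight saving time should apply to editdate.
        $dateTime = new DateTime("now", new DateTimeZone('PST'));
        $editdate = $dateTime->format("Y-m-d H:i:s");

        // A failed insert is logged by run_statement(); the response is unchanged.
        run_statement(
            $db,
            "insert into Patients values(?, ?, ?, ?, ?, ?, ?, ?, '0')",
            array($pid, $lname, $fname, $dob, $loc, $fathname, $mothname, $editdate)
        );
        break;

    case "vac":
    case "vacLocal":
        $pid = request_param("pid");
        $vid = request_param("vid");
        // "vac" stamps today's date on the server; "vacLocal" trusts the
        // date supplied by the client.
        $dateAdmin = ($type === "vac") ? "" . date('m-d-Y') : request_param("date");
        echo($pid);
        echo($vid);
        echo($dateAdmin);

        run_statement(
            $db,
            "insert into PatientHistory values(?, ?, ?)",
            array($pid, $vid, $dateAdmin)
        );
        break;

    case "getVac":
        emit_rows(run_statement($db, "select * from Vaccines", array()));
        break;

    case "search":
        // Request parameter => column. Column names come only from this fixed
        // map; request data supplies bound values and nothing else.
        // dob is accepted by callers but not filtered on (the filter was
        // already disabled in this script).
        $columns = array(
            "pid" => "pid",
            "lname" => "lname",
            "fname" => "fname",
            "loc" => "location",
            "fathname" => "fathername",
            "mothname" => "mothername",
        );
        $conditions = array();
        $values = array();
        foreach ($columns as $param => $column) {
            $value = request_param($param);
            if ($value !== "") {
                $conditions[] = $column . " = ?";
                $values[] = $value;
            }
        }

        // WHERE is added exactly when at least one filter is present. The old
        // check looked at pid/lname/fname/dob only, so a search by loc,
        // fathname or mothname alone produced malformed SQL.
        $query = "select * from Patients";
        if ($conditions) {
            $query .= " where " . implode(" and ", $conditions);
        }
        emit_rows(run_statement($db, $query . " order by lname", $values));
        break;

    case "vacTaken":
        emit_rows(run_statement(
            $db,
            "SELECT vid, dategiven FROM PatientHistory where pid = ?",
            array(request_param("pid"))
        ));
        break;

    case "getPatientHistory":
        emit_rows(run_statement($db, "select * from PatientHistory", array()));
        break;

    case "edit":
        $query = "Update Patients set fname = ?, lname = ?, dob = ?, location = ?,"
            . " fathername = ?, mothername = ?, editdate = ? where pid = ?";
        // Debug output kept from the original; it now shows the statement
        // template only, so submitted values are not reflected back.
        print($query);
        run_statement(
            $db,
            $query,
            array(
                request_param("fname"),
                request_param("lname"),
                request_param("dob"),
                request_param("loc"),
                request_param("fathname"),
                request_param("mothname"),
                request_param("editdate"),
                request_param("pid"),
            )
        );
        break;

    case "test":
        $dateTime = new DateTime("now", new DateTimeZone('PST'));
        echo $dateTime->format("Y-m-d H:i:s");
        break;
}

// Dropping the last reference closes the connection.
$db = null;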

?>